Senior Information Risk Owner: Training & Consultancy
Following the major loss of data by Her Majesty’s Customs and Revenue (HMRC), all NHS organisations have to have a Senior Information Risk Owner.
The role of a Senior Information Risk Owner (SIRO) is one of several measures to strengthen information security. The SIRO should be an Executive or Senior Manager on the Board, or Executive Group, who is familiar with information risks and the organisation’s response to risk. It is important that whoever fills the role has the knowledge and skills necessary to provide the required input and support to the Board and to the accountable officer.
Increasing, Local Authorities are now starting to establish the role of SIRO with IAO's and IAA's taking on the daily responsibility. This is also being further developed by the Working Party at Connecting for Health in relation to the Information Governance Toolkit V10 for Local Authorities
The Senior Information Risk Owner
The role of the Senior Information Risk Owner is essential in establishing robust systems to safeguard and risk-assess information management.
Our comprehensive training has been acknowledged by Connecting for Health as follows:
“Training provided for SIROs by Dilys Jones Associates Ltd is sufficient to meet IG Toolkit requirement." This will be in conjunction with the CfH on-line SIRO assessment, and there may be changes in this approach, with which we will keep you updated.
The benefits include:
- face to face training
- risk assessment templates
- business continuity
- and all other associated business processes by providing practical examples, templates and guidance based on indepth experience.
See available dates and the full course programme here
Feedback from delegates
“Excellent session. I will be sending others.”
“Workshop was very good. My objective was to understand what was required of me in the SIRO role. This was achieved.”
“Easy to follow, made sense of the complicated guidance. Feel more reassured of what we are doing in IG …………. and more importantly what we need to do!
Training for Information Asset Owners and Information Asset Administrators
Most organisations have a vast array of information assets. They need an Information Asset Owner (IAO) and Information Asset Administrator (IAA) in each Department to help them with this responsibility and to make sure that the safe management of information is bedded down across the organisation.
These roles of the Information Asset Owner / Administrator (IAO / IAA) are essential. Without them the Senior Information Risk Owner (SIRO) has no eyes and ears, and the information governance manager faces an uphill struggle to assure that the organisation is fulfilling all its legal and regulatory requirements when handling any data. It is essential in establishing robust systems to safeguard and risk assesses information management. They are one of the requirements of the NHS Toolkit and therefore mandated.
The course covers the support required for the SIRO, the background to the role, the legal framework, the actions required, information risk assessment, logging assets and taking forward an information management system.
Due to the numbers of participants who have to fullfil this role and the practical risk assessment logging carried out on the day, we only offer this training as bespoke
Bespoke Courses and Consultancy
We also provide:
- Bespoke SIRO training
- Bespoke SIRO Refresher Training
- One to one SIRO sessions
- Bespoke IAO Training
- Bespoke IAA Training
- Bespoke Follow-up IAO Training
- Consultancy for both SIRO's and IAO's
Useful Resources for the SIRO
- Business Case for SIRO and IAO Framework - Click here
- Connecting for Health Tools and Resources - Click here
- Connecting for Health Information Security Resources - Click here
- Privacy Impact Assessments - Click here
- Data Sharing Review (Thomas Walport Review) 11 July 2008. Click here
- Review of Information Security at HM Revenue and Customs Final Review Kieran Poynter 25 July 2008. Click here
- The SIRO: Connecting for Health.Click here
- Data Handling Procedures in Government: Final Report Cabinet Office 2008 - Click here
We can provide consultancy in all areas of information risk assessment and management.
To see details of our SIRO Network - click here
Contact: firstname.lastname@example.org or email@example.com
On: 01344 636388
To see details of our SIRO Network -